Error Pointer Dereference in Linux Kernel by vendor XYZ
CVE-2025-40156

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 12 November 2025

What is CVE-2025-40156?

A potential security flaw exists in the Linux kernel where an error pointer could be dereferenced because of improper validation. The drv->sram_reg pointer may be set to ERR_PTR(-EPROBE_DEFER), and dereferencing it puts system stability and security at risk. The recommended fix is to check the pointer's validity with IS_ERR_OR_NULL(), which prevents exploitation and maintains system integrity.
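The sketch below is an added example, not code from the kernel or from the fix commits: a userspace model of the kernel's error-pointer helpers showing why a value such as ERR_PTR(-EPROBE_DEFER) passes a plain NULL test but is rejected by IS_ERR_OR_NULL(). The struct drv_model type, the two would_use_* helpers and the choice of a NULL-only test as the insufficient check are assumptions for illustration; the page does not show the original code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace re-creation of the helpers from the kernel's include/linux/err.h. */
#define MAX_ERRNO 4095
#ifndef EPROBE_DEFER
#define EPROBE_DEFER 517 /* kernel-internal errno, absent from userspace errno.h */
#endif

static inline void *ERR_PTR(long error) { return (void *)(intptr_t)error; }
static inline long PTR_ERR(const void *ptr) { return (long)(intptr_t)ptr; }

/* Error pointers occupy the top MAX_ERRNO values of the address space. */
static inline int IS_ERR(const void *ptr)
{
    return (uintptr_t)ptr >= (uintptr_t)-MAX_ERRNO;
}

static inline int IS_ERR_OR_NULL(const void *ptr)
{
    return !ptr || IS_ERR(ptr);
}

/* Hypothetical stand-in for the driver state; only sram_reg is named on the page. */
struct drv_model { void *sram_reg; };

/* Assumed insufficient check: returns 1 when the caller would go on to use sram_reg. */
static int would_use_null_check(const struct drv_model *drv)
{
    return drv->sram_reg != NULL;
}

/* Check recommended by the advisory: reject NULL and encoded errors alike. */
static int would_use_fixed(const struct drv_model *drv)
{
    return !IS_ERR_OR_NULL(drv->sram_reg);
}

int main(void)
{
    struct drv_model deferred = { ERR_PTR(-EPROBE_DEFER) }; /* constructed input */

    printf("sram_reg=%p errno=%ld null-check uses it: %d, fixed check uses it: %d\n",
           deferred.sram_reg, PTR_ERR(deferred.sram_reg),
           would_use_null_check(&deferred), would_use_fixed(&deferred));
    return 0;
}
```
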

Affected Version(s)

Linux e09bd5757b5227d6804b30c58d4587f7f87d1afa < 9cc23e221f392304b7b8aad213812564ddf6517e

Linux e09bd5757b5227d6804b30c58d4587f7f87d1afa < 80eab6a9df7e1107dc334434dbacd05297703377

Linux e09bd5757b5227d6804b30c58d4587f7f87d1afa < 44e32104cf7e670e3d683c97b52350d8fac23322

Timeline

  • Vulnerability published

  • Vulnerability Reserved
